To configure an ACL MAC filter policy
Steps
1 |
Choose Policies→Filter→ACL MAC Filter from the NFM-P main menu. The ACL MAC Filter Policies form opens. | ||
2 |
Click Create or select an existing policy and click Properties. The ACL MAC Filter (Create|Edit) form opens. | ||
3 |
Configure the parameters as required. The Default Action parameter specifies the action to be applied to packets when no action is specified in the MAC filter entries or when the packets do not match the specified criteria. Note: NEs that support next-generation CLI use the policy name as the key identifier for internal system reference. For policies on these NEs, you must configure a policy name (typically the service name or a numerical string). Policy IDs are also supported. You must configure a numerical range on the NE for auto-assigned policy IDs; see To configure an Auto-ID range for policies. | ||
4 |
If you need to configure the parameters on the Embedded Filters tab, refer to To configure an embedding filter with embedded filter policies . | ||
5 |
Configure a filter entry.
| ||
6 |
To add an additional filter entry, repeat Step 5. | ||
7 |
To define the order in which the policy tries to match filter entries with packets, perform the following steps for each filter entry.
| ||
8 |
Save your changes. The ACL MAC Filter Policies form reappears. | ||
9 |
Distributing a global ACL MAC filter policy with no filter entries (either because none have been created or all existing ones have been deleted) can cause a service outage. You should ensure that the policy has at least one filter entry, or you must be certain that distributing an empty policy is what you really intend to do. A global policy will be distributed to all of the policy local definitions. If you attempt the manual distribution of an empty policy, two warning confirmations will be issued. The first warning is issued when you change the policy’s Configuration Mode on the General tab from Draft to Released. You can either choose to proceed by clicking Yes, or abort the Configuration Mode change by clicking No. The second warning is issued if you changed the Configuration Mode to Released and then try to proceed with the actual distribution in the Distribute form. You can either choose to proceed by clicking Yes, or abort the distribution by clicking No. If you attempt to release an ACL MAC filter policy that has been initialized from an NE, you will also receive a warning confirmation, since the global policy may be partially updated from the local policy. The Discovery State indicator on the General tab displays this Initialized condition, and the Origin indicator identifies the NE. You should manually synchronize with a specific local policy before changing the Configuration Mode from Draft to Released. Click Search, select the policy in the list and click Distribute to manually distribute the policy locally to devices. See To release and distribute a policy for more information. Policies are also automatically distributed to devices when they are used by resources on the device. | ||
10 |
Close the ACL MAC Filter Policies form. End of steps |